Input-Output Example-Guided Data Deobfuscation on Binary

Data obfuscation is usually used by malicious software to avoid detection and reverse analysis. When analyzing the malware, such obfuscations have to be removed to restore the program into an easier understandable form (deobfuscation). The deobfuscation based on program synthesis provides a good solution for treating the target program as a black box. Thus, deobfuscation becomes a problem of finding the shortest instruction sequence to synthesize a program with the same input-output behavior as the target program. Existing work has two limitations: assuming that obfuscated code snippets in the target program are known and using a stochastic search algorithm resulting in low efficiency. In this paper, we propose fine-grained obfuscation detection for locating obfuscated code snippets by machine learning. Besides, we also combine the program synthesis and a heuristic search algorithm of Nested Monte Carlo Search. We have applied a prototype implementation of our ideas to data obfuscation in different tools, including OLLVM and Tigress. Our experimental results suggest that this approach is highly effective in locating and deobfuscating the binaries with data obfuscation, with an accuracy of at least 90.34%. Compared with the state-of-the-art deobfuscation technique, our approach’s efficiency has increased by 75%, with the success rate increasing by 5%.

Blockchain from the Perspective of Privacy and Anonymisation: A Systematic Literature Review

The research presented aims to investigate the relationship between privacy and anonymisation in blockchain technologies on different fields of application. The study is carried out through a systematic literature review in different databases, obtaining in a first phase of selection 199 publications, of which 28 were selected for data extraction. The results obtained provide a strong relationship between privacy and anonymisation in most of the fields of application of blockchain, as well as a description of the techniques used for this purpose, such as Ring Signature, homomorphic encryption, k-anonymity or data obfuscation. Among the literature researched, some limitations and future lines of research on issues close to blockchain technology in the different fields of application can be detected. As conclusion, we extract the different degrees of application of privacy according to the mechanisms used and different techniques for the implementation of anonymisation, being one of the risks for privacy the traceability of the operations.

Data Obfuscation Technique for Security in Cloud Computing

Cloud computing is at present a day's changes into the most crushed in marvels to use for enormous scale alliance or for person who need unmistakable structure organizations with least expense. Usually person's data is dealt with on open Cloud which is accessible to everybody for get to. These focal raises some issue in reverse to adaptable organizations gave by cloud suppliers, similar to Confidentiality, Integrity, Availability, Authorization and some more. Starting late, Lots of decisions are open to guarantee the data and most perfect ways is to use encryption. Encryption can't give enough confirmation while contemplating heaps of customers' fragile data. It in like manner eats up greater chance to perform encryption and translating process for every single inquiry. Moreover it is definitely not an OK practice to contemplate customer driven considering the way that once customer data is moved on Cloud premises, customer doesn't have direct control over this data. To empty load of Cloud server likewise to give acceptable security to customer's data, we propose a methodology by joining the two procedures viz. Jumbling and Encryption in this assessment paper. Customer data may be scrambled if protection is needed for its records or reports and the SaaS Cloud organization is reviewed using obscurity techniques. Using this two-way approach, we may assume that the proposed agreement provides sufficient protections for darkened access and safety of even open data on cloud servers. Our point is additionally to give appropriate assessment on data disordering for security in cloud computing.